IClaimsIdentity

Sometimes it’s a pain in the neck working with Claims. A lot of times you need to look for particular claim and that usually means looping through the claims collection and parsing the value to a particular type. This little dance is the trade-off for having such a simple interface to a potentially arbitrary collection…

One of the projects that’s been kicking around in the back of my head is how to make Windows Phone 7 applications able to authenticate against a Windows domain. This is a must have for enterprise developers if they want to use the new platform. There were a couple ways I could do this, but…

When working with Claims Based Authentication a lot of things are similar between the two different models, Active and Passive. However, there are a few cases where things differ… a lot. The biggest of course being how a Request for Security Token (RST) is authenticated. In a passive model the user is given a web…

Last week at TechDays in Toronto I ran into a fellow I worked with while I was at Woodbine. He works with a consulting firm Woodbine uses, and he caught my session on Windows Identity Foundation. His thoughts were (essentially—paraphrased) that the principle of Claims Authentication was sound and a good idea, however implementing it…

there comes a point where using an eavesdropping application to catch packets as they fly between Secure Token Services and Relying Parties becomes tiresome. For me it came when I decided to give up on creating a man-in-the-middle between SSL sessions between ADFS and applications. Mainly because ADFS doesn’t like that. At all. Needless to…

Using the Windows Identity Foundation to handle user authentication and identity management can require you to drastically rethink how you will build your application. There are a few fundamental differences between how authentication and roles will be handled when you switch to a Claims model. As an example if you used an STS to provide…